package com.example.demo.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;

/**
 * @ClassName：SecurityConfig
 * @Author: admin
 * @Date: 2024/12/9 16:56
 * @Description: 必须描述类做什么事情, 实现什么功能
 */
@Configuration
public class SecurityConfig {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        // 将api-docs和swagger-ui相关资源设置为允许匿名访问
        http.authorizeHttpRequests((authorizationManagerRequestMatcherRegistry) -> {
            authorizationManagerRequestMatcherRegistry.requestMatchers("/v3/api-docs").permitAll();
            authorizationManagerRequestMatcherRegistry.requestMatchers("/v3/api-docs/**").permitAll();
            authorizationManagerRequestMatcherRegistry.requestMatchers("/swagger-ui.html").permitAll();
            authorizationManagerRequestMatcherRegistry.requestMatchers("/swagger-ui/**").permitAll();

            // 其余资源登录后方可访问
            authorizationManagerRequestMatcherRegistry.anyRequest().authenticated();
        });

        // 其余spring security配置已省略
        // ...

        return http.build();
    }
}

